diff --git a/roles/virtualization/templates/cloud-user-data.yml.j2 b/roles/virtualization/templates/cloud-user-data.yml.j2
index 471ef6a..25fbeb5 100644
--- a/roles/virtualization/templates/cloud-user-data.yml.j2
+++ b/roles/virtualization/templates/cloud-user-data.yml.j2
@@ -8,13 +8,14 @@ users:
   - name: "{{ user.name }}"
     primary_group: "{{ user.name }}"
     groups: users
+{% if user.sudo | default(false) | bool %}
     sudo: "ALL=(ALL) NOPASSWD:ALL"
+{% endif %}
     passwd: "{{ user.password | password_hash('sha512') }}"
     lock_passwd: false
-{% set ssh_keys = user['keys'] | default([]) %}
-{% if ssh_keys | length > 0 %}
+{% if 'keys' in user and user['keys'] is iterable and user['keys'] is not string and user['keys'] | length > 0 %}
     ssh_authorized_keys:
-{% for key in ssh_keys %}
+{% for key in user['keys'] %}
       - "{{ key }}"
 {% endfor %}
 {% endif %}